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BROADBANB MULTI-SEMVICE PROXY SERVER SYSTEM AN© METHOD OF 
OPERATION FOR INTERNET SERVICES OF USER'S CHOICE 



Inventors: David J. Allard and James M. Dunn 

BACKGROUND OF THE INVENTION 



1) FIELD OF INVENTION 

1 5 This invention relates to a communication systems and methods of operation. More 

particularly, the invention relates to a broadband multi-service proxy server in a communication 
system and method of operation for Internet services of user's choice. 

2) BACKGROUND DISCUSSION 

In today's Internet environment, individual users may choose any initial Internet Service 
20 Provider (ISP) they wish. The ISP provides the user a dial-in number and a log on script that 
contains the user-id and oftentimes a password. In a typical scenario, when the user dials in, an 
authentication server answers the call (dial modem), and if the ID is authenticated, assigns the 
user to an Internet address from a local pool of addresses. From this point on, the user is 
connected to the Internet through the dedicated dial line and the ISP's router. 
25 In a broadband IP-based network, however, where multiple users share a common 

connection line, there is currently no way to attach a group of users to their individual choices of 
an ISP. A user may send a connection request to their ISP, and to their authentication server, but 
since the network authentication server has not yet assigned the user's IP address to them, there 
is no way for the return message to be routed back to the user. For this reason, cable company 
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customers must purchase their ISP functions from the cable company affiliated ISP, since the 
authentication process must know to whom to assign an IP address. 

What is needed in the art is a system and method of operation for broadband customers in 
a communication system to connect to an ISP of their choice for Internet services and not be 
5 attached to an ISP affiliated with a broadband network, e.g. a cable network for Internet services. 
Prior art related to servicing broad band customers in another network includes: 
USP 5, 949, 779 issued September 7, 1999, filed May 8, 1997 discloses a system for 
providing remote access and control of electronic devices connected to a consumer electronic 
bus (CEB). A proxy node is provided on a CEB bus wherein the proxy node is also linked to a 
10 master node via a broad band access network. The remotely located master node may 

communicate with one or more devices located on a CEB bus by transmitting messages to the 
proxy node over the broad band area network. The proxy node converts messages from a ATM 
protocol compatible with transmissions over the broad band area network to a CEB bus network 
protocol and then forwards the messages to recipient devices over the CE bus network. In the 
15 opposite direction, a device on a CE bus network may communicate with a remotely located 
master node by transmitting CE bus - standard messages to the respective proxy nodes over the 
CE bus network. The proxy node packatizes the messages into an ATM transmission format and 
forwards the messages to the master node over the broad band area network. 

The prior art fails to disclose a broadband communication system which enables users 
20 to connect to the Internet using an Internet Service Provider of their choice. 

SUMMARY OF THE INVENTION 
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An object of the invention is a system and method of operation enabling customers of 
broadband networks to receive Internet service from providers of their choice. 

Another object is a broadband multiservice proxy server and method of operation, which 
allow broadband network customers to obtain Internet service from Internet service providers of 
5 their choice. 

Another object is a broadband multi-server proxy server and method^ operation in an 
Internet environment using a message format which enables broadband^^tomers to select an 
ISP of their choice for services available from the Internet. 

These and other objects, features and advantages are apfiieved in a broadband multi- 
10 server proxy server and method of operation using an extiefnded DHCP message format which 
enables broadband customers, typically cable netwoj* customer, to select an ISP of their choice 
for services available from the Internet. A broa^and network includes a multi channel cable 
coupled at one end to a plurality of customer^ and a home network serving several stations 
within a location. The network is couo}^ at the other end to head end equipment providing 
15 cable services to the cable customers. Each customer is assigned a Medium Access Control 
(MAC) address on the network: The head end equipment is linked to a modem management 
system and a router. A Bne^adband Multi-service Proxy Server (BMPS) having a database 
containg customer sery^ce information is coupled to the router. The MAC addresses of the cable 
customers are stored in the database. An Internet Service Provider network is coupled to the 
20 router and serWs a plurality of Internet Service Providers (ISP), each ISP being linked to the 
Internet. In^peration, the cable customers register with the ISPs of their choice. The ISPs send 
the custmners a customer ID, password, a log on script and updates its database and the database 
of thfe BMPS with the customer information. The BMPS authorizes the customer modem and 
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router for access to the ISP. As part of a customer's logon request, the MAC addpessTs attached 
to identify the origination point of the request. The logon script sendsthH^n request in an 
extended DHCP message to the ISP via the BMPS for an Intern^t-^^ress. The BMPS checks 
the logon request against the database to verify a legitima^^customer and obtains the customer 
profile for management and billing purposes. The^S sends the logon request to the 
requested ISP using the customer ID, password^^d the BMPS as the source address for any 
customer message. The ISP verifies the cummer address again its database and updates the 
router address tables to accept customer messages with the new address. Normal customer ISP 
traffic begins. Return message to4e customer are received by the BMPS which forwards the 
messages to the customer at4ere MAC address. When the customer logs off, the ISP expires 
the customer address, urates the router as necessary and sends a logoff message to the BMPS. 
The BMPS cancels/^e customer address, updates the router; the database and billing files as 
necessary. Th^roadband multi-service proxy server can remain in the serial path if desired to 
continuousl/check on the validity of the packets and also count the packets for billing purposes 
traversin/their link. Alternatively, the broadband multi-service can be removed fi-om the link 
allowi4 the packets to flow directly to the router and thence to the Internet through the ISP of 
th^ir choice. 

DESCRIPTION OF THE DRA WINGS 

The invention will be further understood from the following detailed description of a 
preferred embodiment taken in conjunction with an appended drawing, in which. 

Fig. 1 is a prior art representation of a broadband network providing broadband 
customers access to the Internet through an Internet Service Provider (ISP) affiliated with the 
network. 
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Fig. 2 is a representation of a broadband network including a Broadband Multi-service 
Proxy Server (BMPS) providing broadband customers access to the Internet through an ISP of 
their choice and incorporating the principles of the present invention. 

Fig. 3A is a representation of a dynamic host controlled protocol (DHCP) message format 
used in the system of Fig. 1 enabling customers to access the Internet through an ISP associated 
with the system. 

Fig. 3B is a representation of the additional fields proposed as an extension to the 
dynamic host controlled protocol (DHCP) message format used in the system of Fig. 2 enabling 
customers to access the Internet through an ISP of their choice. 

Fig. 4 is a representation of typical billing information used in the system of Fig. 2. 

Figs. 5 A, B and C are flow diagrams for connecting broadband customers in Fig. 2 to 
ISPs of their choice. 




DESCRIPTION OF PREFERRED EMBODIMENTS 

In Fig. 1 a broadband, shared link, multi-user ntWioxk XQ^^x^ z. cable, satellite, radio, 
LANAVan includes a network 1 1 coupled a plurality of cust<5mers 12*, 12^.. 12" and an Internet 
Service Provider (ISP) 14 associated with the nety/d^ 10. For simplicity, the broadband 
network 10 will be described in terms of^^le network 1 1 in which the customers 12V . . 12" 
include cable modems 16*, 16V which link the customers through a broadband cable 18 to 
a cable affiliated ISP server^ Typically, the cable modems use an Ethernet protocol for the 
computers 13*, 13^ apdl3". The modems look like any LAN network to the computer. The 
computers use ^a^quency shift to put an Internet protocol into a given channel assignment on 
the cable^r^ Typically, the modems 16', 16' share the last mile of the cable to the server 20. As 
/ 
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a result, the server cannot send responses back to the cable or broadband customers- based on an 
individual line or port connection point as in the case of a dial-in modepMJonnection to the 
Internet. In the latter case, an ISP attaches the user to an authentication server, typically a 
Remote Authentication Dial in User Services (RADRJS) server which is a software-based 
5 security authentication protocol developed by tl^e^temational Engineering Task force (IETF) 
RADIUS Working Group and available fr^rfn a number of suppliers including Microsoft, 
Redmond, Washington. RADIUS pr0<^des access to all Internet services using one username and 
password. If the authenticatiori/ii correct, the customer is assigned a temporary IP address from 
the ISP's pool of availablp^dresses using a protocol called Dynamic Host connection Protocol 

10 (DHCP). DHCP provides a mechanism through which computers using Transaction Control 
Protocol/Inteme^^rotocol (TCP/IP) can obtain protocol configuration parameters automatically 
through the ^twork. The most important configuration parameter is an IP address carried by 
DHCP a/d assigned to a computer from a pool of IP addressees managed by DHCP. DHCP is 
an o/en standard, developed by the Dynamic Host Configuration working group (DHC WG) of 

1 5 the Internet Engineering Task force (IETF). 

In the case of a cable system, however, to route messages to the correct cable modem, a 
lower level routing mechanism is used. Each cable modem is assigned a unique Medium Access 
Control (MAC) address on a shared cable. The communication protocol beneath the Internet 
protocol layer handles the MAC addresses. The MAC addressing maps out the physical network 

20 at the LAN adapted card level. IP addressing maps out the logically connected machine at the 
host level. An inter office LAN with an occasional Internet use would have continuously 
assigned MAC addresses to its computer. Some computers may occasionally get a Dynamic 
Host Control Protocol (DHCP) assigned address to use with a connection. Unique MAC 
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addresses are typically embedded by the manufacturer into the ROM of the LAN network 
interface card and are not associated with RADIUS server authentication or ISP address 
assignment Continuing in Fig. 1, the cable network 1 1 is coupled to head end equipment 19 
providing the customer with cable services as recorded by a modem management system 20 and 
to the cable affiliated ISP server 14. Included in the ISP are a router 21 linked to the Internet 28. 
The router is further linked to a RADIUS server 25; a web server 26 and a mail sen/er 27 for 

accessing the Internet 28. 

In operation, a cable customer sends a DHCP message 30 shown in Fig. 3A to the ISP 14. 
The message is a standard DHCP packet which contains a base layer 3 1 containing a code field 
33; hardware type field 34; hardware address length field 36, and the number of message hops 35 
implemented by routers and ten (10) stacked layers 32- 1 ...31-10 superimposed on the base 
layer. Each stacked layer is 4 bytes wide unless otherwise noted. The first layer 32-1 contains a 
transaction ID 3 1 which is a random number assigned by the customer to uniquely identify a 
reply. The second layer field 32-2 indicates the customer time since bootup and a flag field 
which indicates the type of message. A bit one in the flag indicates broadcast, aher flag bits 
may be reserved and set to 0. The third layer 32-3 contains a client IP address which is set to 
0.0.0. 0 or the last known non-expired address of the client. The fourth layer 32-4 contains the 
customer address set by the server if the client IP address was 0.0.0.0. The fifth layer 32-5 
contains a server IP address which is set by the server that handles the request. The sixth layer 
32-6 contains a router address set by a forwarding router. The seventh layer 32-7 contains a 
client hardware address set by the client. The eighth layer 32-8 may optionally contain the null 
terminated host name of the responding server. The ninth layer 32-9 contains a boot file name 
used by the client in the boot up process when BOOTP is also in use. The tenth layer 32 -10 
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contains an options row which when used with BOOTP, typically includes a code 99. 130.83.99 

in the first four bytes to identify the mode that the succeeding data is to be interpreted. This code 

is followed by tag options as defined in ffiFT RFC 2132. These DHCP options may include 

information on routers, DNS, and other domain information. The message is processed at the 

head equipment and passed to the RADIUS server, which uses the MAC address of the sending 

modem as a source address for the customer. Customer messages are processed through the 

Internet using the web server or the mail server, as the case may be. 

^. ^urrently, there is no way to enable a group of cable users to choose an ISP not affiliated with 
\ 

tWe cable company. The customer may send a connection request to their ISP and to the related 
10 authentication server, but since the network authentication server is not yet assigned the 

customer's IP address to them, there is no way for the server return message to be routed back to 
the cusromer. 

A solution to the problem of enabling broadband customers to select an ISP of their 
choice is shown in Fig. 2. 

15 In Fig. 2 the broadband network 10' is the same as in Fig. 1, except the ISP server 14 is 

replaced with a Broadband Multi-service Proxy Server (BMPS) 22 including a database 23. A 
BMPS is a conventional server programmed according to Figs 5A - 5C, to be described 
hereinafter. A home network 24 has been added to the cable network lO'as an option to the 
network. The BMPS is linked to the router 21' for accessing a plurality of Internet Service 

20 Providers 40, 41, and 42 via an ISP network 29. Databases 43, 44 and 45 are associated with the 
ISPs 40, 41, 42, respectively. The ISPs are coupled to the Internet 28'. An extended DHCP 
message structure 39 shown in Fig. 3B. is used in accessing the ISPs The extended DHCP 
message structure includes an additional layer 32-1 1 containing an ISP server name; a layer 32- 
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12 containing the BMPS name, and a layer 32-13 containing the customer or end user ID and 
password. 

s Resuming to Fig. 2, prior to sign on the customer contacts an ISP(s) for Internet service 

^ ^ \ • • A A 

and is proviWed with a user ID, password and logon script. The customer information is recorded 
5 in a databases) 40, 41,43, as the case maybe. Upon sign on the customer authentication function 
is accomplish^ in a cooperative manner between different servers, the BMPS and the selected 
ISP server. Thl BMPS processes the initial customer DHCP logon request. The request may or 
may not have a kerver or client IP address identified per the standard Internet DHCP process. 
The underlying A-otocol can be whatever protocol is supported by the cable modem. As part of 

10 the logon messagd the MAC address is attached to identify the origination point of the message. 
This MAC address fte placed in the client hardware address field. Fig. 3a 32-7, of the DHCP 
package. The BMPsVhecks the modem MAC address against the modem management system 
to verify the customer illegitimate and then obtains and records the customer profile for 
management and billing pVpose in the database 23'. The server 21 sends the logon request to 

1 5 the selected ISP on behalf ofUhe customer using the DHCP message 30 and the extended DHCP 
message 39 (See Figs. 3A andW) including the customer or end user ID and password or 
another unique identifier. The I55P server checks the ID and password in the associated database 
40, 41, 42, as the case maybe, for authentication and if legitimate proceeds as normal returning 
an IP address assignment to the source address i.e., the server 22 using the DHCP message 

20 formats 30 and 39. The server 22 upd)ktes the database 23 and routing table in router 21 ' so as to 
allow future customer messages with theVuthenticated address to traverse the links authorized to 
the selected ISP. The customer updates hi^ddress mechanism with a valid IP address for IP 
usage. Future IP packets flow fi-om the customer to the router 21 ' then to the selected ISP which 
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forwards the messaie to the message destination. Return packets from the message receiver 
reverse the route to the customer. The server 22 can remain in the serial path if desired to 
continue to check on the validity of the packet and count the packets for billing purposes 
traversing the links or th\server 22 can be removed from the link allowing the packets to flow 
5 directly to the router, as described. 

When the Internet session is\ver, the selected ISP sends the BMPS 22 a sign out message for the 
assigned address that was usedXlhereafter, the BMPS 22 will remove that source address of the 
valid source or destination addres\ in the router table. 

Since the customer is serviced by both the cable company and the ISP, billing 

1 0 information and customer care information needs to be collected for both parties. Some collected 
information may be solely pertinent to the cable supplier. Other information may be solely 
pertinent to the ISP. Still other information may be common to both the cable company and the 
ISP. Figure 4, show typical information which may be collected and stored in the modem 
management system. The information common to the ISP and broadband carrier includes User 

1 5 Name; User Address; User ID; User Password and ISP name. Information variable per session 
includes Transaction ID; Start/Stop times; Packet count; Bandwidth allocated and special service 
charges. Information special to the broadband carrier includes Client Address; and Broadband 
carrier billing data including a pointer to billing detail and special service charges. 

Now turning to Figs 5 A, B and C, the system in Fig. 2 will be described in terms of a 

20 process 500 enabling broadband customers to access the Internet through one or more ISPs of 

their choice, as follows: 

In Figure 5 A the process 500 is entered in block 501 in which a customer or end user 
signs up for ISP service typically by means other than the network, for example, mail, phone, 
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card, etc. In block 503 the ISP(s) sends the customer a logon program with the ISP's IP address, 
logon script and a customer ID and password. In block 505 the ISP sends the BMSP server a 
database update message containing the user name, user ID, password and any other details 
required to uniquely identify the user to both the ISP and the BMPS. A test is performed by the 
5 BMPS in block 507 to determine if the customer is a current broad band customer. A "no" 
condition initiates an error message in block 509 in which the BMPS server responds to the ISP 
with an unknown user error message after which the process returns to block 501. 
A "yes" condition for the test 507 transfers the process to the block 51 1 in which the BMPS 
updates the database 23 with the information and maps the data to a physical broad based modem 
10 sending or source address such as the modem MAC address. Thereafter in block 5 1 3 the BMPS 
authorizes the customer modem and router for access to the ISP for DHCP messages or other 
services indicated in the user profile. The BMPS sends the authorization message to the ISP host 
in block 515 after which the customer is ready to access the internet through the ISP of his/her 
choice. 

1 5 In Figure 5B the customer powers on in block 5 1 7 and selects an access logon script to 

the selected ISP. In block 519 the customer sends an extended DHCP request (Figs 3A and 3B) 
through the broad band modem onto the cable network 1 T . The BMPS receives the customer 
DHCP request block 521. The BMPS checks the database for the customer profile in block 523. 
A test is conducted in block 525 to determine if the customer is a legitimate broad band 

20 customer. A "no" condition initiates a temporary assignment of an IP address using the DHCP 
response in block 527. The BMPS sends the customer an unknown user error message in block 
529 and revokes the temporary IP address in block 53 1 after which the process returns to start. 
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A "yes" condition for the test 525 stores the customer ID and password in its database in 
block 533. In block 535 the BMPS sends the selected ISP the extended DHCP message with 
user ID and password and using the BMPS server as the source address. In block 537 the ISP 
receives the extended DHCP message; checks its database for the customer ID and password in 

5 the network 1 1' and BMPS 22. 

In block 539, the ISP conduct.-, a test to determine if the DHCP request on message is 

from a legitimate customer. 

Turning to Figure 5C, a "no" condition for the test 539 nullifies the DHCP request 
message and in block 541 the ISP does not assign an IP address to user but notifies the BMPS of 
10 an intrusion attempt. The ISP terminates processing the DHCP logon request in block 543 and 
transfers to a waiting state. 

In block 545 the BMPS follows its local security practices with respect to intrusions and 

the process ends. 

A "yes" condition for the test 539 initiates block 547 in which the ISP sends an extended 
1 5 DHCP response with the customers assigned IP address to the BMPS. The ISP updates the 

router tables in block 549 which allows the customer to use the IP address. The BMPS maps the 
assigned IP address to the appropriate outstanding customer request in block 551. In block 553 
the BMPS emulates the ISP and sends a standard DHCP reply to the customer and then updates 
the network router to allow the new address. The customer updates its address book in block 555 
20 to include the assigned IP address in the address field of messages. With the IP address the 
customer conducts normal ISP traffic in block 557. A test is performed in block 559 to 
determine if the session with the ISP is ended. A "no" condition returns the process to block 
557. A "yes" condition for the test 559 initiates block 561 in which the customer logs off using 
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normal log off procedures. In block 563 the ISP allows the customers ISP address to expire; 
updates its router tables and sends a log off message to the BMPS. The BMPS cancels the 
customer address in blocks 565 and updates its routers; database and billing files as necessary 
after which the process ends. 

While the invention has been shown and described in conjunction with the preferred 
embodiment, various changes can be made without departing from the spirit and scope of the 
invention as defined in the appended claims, in which: 
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